touch-packages team mailing list archive

Thread
Date
[Bug 1517685] Re: XDMCP server starts without authentication if configured key does not exist

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1517685@xxxxxxxxxxxxxxxxxx>
Date: Wed, 09 Dec 2015 14:42:20 -0000
Reply-to: Bug 1517685 <1517685@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package lightdm - 1.10.6-0ubuntu1

---------------
lightdm (1.10.6-0ubuntu1) trusty; urgency=medium

  * New upstream release:
    - Handle trailing whitespace on boolean values in configuration.
      (LP: #1507033)
    - Use libaudit to generate audit events.
    - Fix apparmor profiles for running Chromium in guest sessions.
      (LP: #1504049)
    - Add LC_PAPER, LC_NAME, LC_ADDRESS, LC_TELEPHONE, LC_MEASUREMENT and
      LC_IDENTIFICATION variables to the list of inherited locale variables.
      (LP: #1511259)
    - Add a backup-logs option that can be used to disable existing logging
      files having a .old suffix added to them.
    - Check the version of the X server we are running so we correctly pass
      -listen tcp when required. (LP: #1449282)
    - Use IP address of XDMCP requests to contact X server if available.
      (LP: #1481561)
    - Implement XDMCP ForwardQuery. (LP: #1511545)
    - Add an option for XDMCP and VNC servers to only listen on one address.
      (LP: #1390808)
    - Don't start LightDM if the XDMCP server is configured with a key that
      doesn't exist. (LP: #1517685)
    - Add IP addresses to XDMCP log messages.
    - Refactor XDMCP error handling.
    - Fix small memory leak in XDMCP logging code.
    - Fix typo in dm-tool man page. (LP: #1470587)
    - Use new Xmir binary when running X under Unity System Compositor.
    - Fix all the things that prevent clang (3.5) from building LightDM with
      -Werror.
    - Add more tests.

 -- Robert Ancell <robert.ancell@xxxxxxxxxxxxx>  Fri, 20 Nov 2015
16:07:50 +1300

** Changed in: lightdm (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1517685

Title:
  XDMCP server starts without authentication if configured key does not
  exist

Status in Light Display Manager:
  Fix Released
Status in Light Display Manager 1.10 series:
  Fix Released
Status in Light Display Manager 1.14 series:
  Fix Released
Status in Light Display Manager 1.16 series:
  Fix Released
Status in Light Display Manager 1.2 series:
  Fix Released
Status in lightdm package in Ubuntu:
  Fix Released
Status in lightdm source package in Precise:
  New
Status in lightdm source package in Trusty:
  Fix Released
Status in lightdm source package in Vivid:
  Fix Committed
Status in lightdm source package in Wily:
  Fix Committed

Bug description:
  [Impact]
  An incorrectly configured XDMCP server will start without authentication instead of disabling XDMCP / stopping LightDM.

  [Test Case]
  1. Set up LightDM to run an XDMCP server using an XDM authentication key, i.e. in lightdm.conf:
  [XDMCPServer]
  enabled=true
  key=key-name
  2. Do not create /etc/lightdm/keys.conf or do not define 'key-name' in keys.conf.
  3. Start LightDM
  4. Connect XDMCP client.

  Expected result:
  Either LightDM doesn't start or the XDMCP server doesn't start.

  Observed result:
  XDMCP server starts without authentication, any XDMCP client is able to connect. Debug message printed to log warning about missing key, but not easy to spot.

  [Regression Potential]
  Low - change is to not start LightDM if this case occurs. This could affect someone who currently has a misconfigured LightDM. In this case a warning message is printed to the log.

To manage notifications about this bug go to:
https://bugs.launchpad.net/lightdm/+bug/1517685/+subscriptions